+ <listitem>
+ <para>
+ If the redirect URL contains characters RFC 3986 doesn't permit,
+ they are (re)encoded. Not doing this makes Privoxy versions from
+ 3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
+ attacks if the +fast-redirects{check-decoded-url} action is used.
+ </para>
+ </listitem>